BUYUCOIN

DESCRIPTION OF EVENTS

"Founded in July 2016, BuyUcoin is a crypto wallet and exchange platform where merchants and consumers can transact with digital assets like Bitcoin, ethereum, ripple etc." "Based out of Delhi-NCR, the company claims it has over 3.5 lakh customers and has helped them trade in over $500 million to date."

"Buyucoin, a Delhi NCR-based cryptocurrency exchange, has reportedly been hacked. The exchange has more than 350K registered users and has facilitated over $500 million in cryptocurrency trades, according to its website. Several local news outlets reported that sensitive data of about 325K customers has been dumped onto the dark web."

"In yet another data breach, sensitive data of nearly 3.25 lakh users of India-based global cryptocurrency exchange and wallet, BuyUcoin, have been exposed on the Dark Web." "The data leaked include names, e-mails, mobile numbers, encrypted passwords, user wallet details, order details, bank details, KYC details (PAN number, passport numbers) and deposit history." "In total, the alleged data dump comprises of three separate archives, with the associated dates of June 1, July 14, and September 5, 2020."

"According to independent cyber security researcher Rajshekhar Rajaharia, the 6GB file on MongoDB database contains three backup files containing BuyUcoin data."

"This is a serious hack as key financial, banking and KYC details have been leaked on the Dark Web," Rajaharia told IANS and shared some screenshots of the leaked data.

"Researchers at cyber security firm Kela Research and Strategy Ltd first discovered the stolen data, linked on the same forum, from Wongnai Media Co Ltd, Tuned Global Pvt Ltd, BuyUcoin, Wappalyzer, Teespring Inc and Bonobos.com, which looks the handiwork of infamous hacking group ShinyHunters."

"Israel-based darknet threat intelligence provider KELA confirmed the leak to the publication. The firm’s threat intelligence analyst Victoria Kivilevich explained that “These records are now circulating on the dark web and available for use by other cyber criminals.” She added that they can use the data for anything from “phishing scams to gaining admin privileges and access into corporate networks if corporate credentials have been leaked.”"

"In a statement updated on January 21, BuyUcoin said the organization is "thoroughly investigating each and every aspect" of the report. The Indian cryptocurrency exchange added that "all our user's portfolio assets are safe and sound within a secure environment" and "95% of user funds are kept in cold storage.""

"Since reports of the security breach emerged, Buyucoin has released two official statements on the matter. The first was written by its CEO, Shivam Thakral. He wrote: “In the mid of 2020, while conducting a routine testing exercise with dummy data, we faced a ‘low impact security incident’ in which non-sensitive, dummy data of only 200 entries were impacted. We would like to clarify that not even a single customer was affected during the incident.”"

Rajaharia responded to the exchange’s official statement in a tweet: “Such an irresponsible statement by Buyucoin. I am your registered and KYC verified user. You leaked my own data too. Please change your statement asap. What if someone used my account in any illegal activity. Please inform your users right now.”

"The Buyucoin CEO’s message was subsequently replaced with a different one by the exchange. “Regarding the media report,” Buyucoin wrote."

"We are thoroughly investigating each and every aspect of the report about malicious and unlawful cybercrime activities by foreign entities in mid-2020."

BuyUCoin failed to protect the private data of customers, and this was breached by hackers. The company initially denied the incident.

The Complete List of Crypto Exchange Hacks - CryptoSec (May 11)
Cryptocurrency startup BuyUcoin hacked, data of over 3 lakh users leaked | Business Insider India (Sep 18)
BuyUcoin hack: Key data of 3.25 lakh Indian users leaked  (Sep 18)
Indian Crypto Exchange Buyucoin Hacked, Sensitive Data of 325K Users Reportedly Leaked – Exchanges Bitcoin News (Sep 18)
Data of BuyUcoin cryptocurrency exchange traders allegedly leaked online | ZDNet (Sep 18)
SlowMist Hacked - SlowMist Zone (Jun 26)

More case studies

Saddle Finance
Arbitrage Exploit

Ledger Seed Phrase
Leaked elm099